Topic: Ability to turn on / off external email on private-server &a

[Malcolm Faed]

Hi,

I think it would be helpfull if we had the option to enable the ability to receive external email in the private-server & gateway mode.

or conversly, the ability to disable the web server on the server & gateway mode.

In an environment where you pay for bandwidth, only having essential services running would be an advantage.

Thanks for listening.
Regards,
Malc.

[Nathan Fowler]

Malcolm, you do know these services can be manually disabled?  (No sarcasm intended).  Or are you wanting a control panel that enables the ability to disable and enable services?

Hope this helped,
Nathanh

[Malcolm Faed]

Hi Nathanh,

A control panel would be nice. Can you point me in the right direction to disabling the external web service manulay? ( have searched the forums to no avail)

Thanks for the tip.

Regards,
Malc

[Nathan Fowler]

You want to allow HTTPD on the inside LAN still?  If so just:

ipchains -A input -p tcp --dport 80 -j DENY -i
ipchains -A input -p tcp --dport 443 -j DENY -i

This will firewall all incoming HTTP/HTTPS requests on the external interface, while still allowing for HTTP/HTTPS connections on the internal interface.  Note the above rule should not affect routing/NAT, this only affects incoming connections to the mentioned ports.

If you wish for these rules to persist on boot, I would recommend appending them to the bottom of /etc/rc.d/rc.local

Note that most likely is eth1, depending on your configuration.

Let me know if this rule works out for you, if not, I'd be more than willing to help further.

Hope this helped,
Nathan

[darren]

http://myezserver.com/downloads/mitel/contrib/e-smith-service-control/